Note: Currently you need to re-enable the user and change his username after any change to the Network settings page as the files are rewritten

Also, messing around with forwarding network ports without understanding how VPN works can be a big security problem:

Quote

Do NOT forward port 1701 (L2TP), this would have allowed direct access to the L2TP server, bypassing IPSEC entirely and sending all your data unencrypted. The whole idea is that the IPSEC connection encrypts your data from end to end, and on the server end, this data will be passed on to port 1701 internally.

It *is* easier to get a connection when not going through IPSEC, but some devices will happily connect to the L2TP server if the IPSEC fails for some reason.

That said, my biggest hurdle getting VPN set up was to configure other network routers in the path (my broadband router) properly. This was mostly a try-and-fail history until I got the correct setting. Any setting related to IPSEC should be tried in all their possible settings (I had to turn one IPSEC setting off to get mine working). It seems to me that IPSEC is the cause of most problems with this VPN, so that is where I would do my investigations.

And in one case I was unable to get VPN working from one particular network because of the router at that site (or possibly other network limitation at that site).

# RSA private key for this host, authenticating it to any other host# which knows the public part. Suitable public keys, for ipsec.conf, DNS,# or configuration of other implementations, can be extracted conveniently# with "ipsec showhostkey".

Good spot, yes, I have rebooted, well, power cut anyway!! Next step I think is a UPS!!!! Although, judging by Sambuca's comments, this may have been a red herring in the first place. It was simply something I had spotted in the Openswan setup guides which was different, therefore, worth a try!

Sambuca,

Quote

What do you mean, "!VPNPass1" seems pretty plain text to me..?

In my chap-secrets file, all my users have the same password, "!VPNpass1", and !VPNpass1 is not my, nor any other of the users password!! I presume from this, you do not?!

i.e it looks roughly like this (obviously my users aren't called test1, test2...... but you get the picture!):

I'm beginning to wonder if I have something wrong with my webadmin after Sambuca's comments?!

For any LinuxMCE God's about, I'd be interested to know how the average user, who is not happy to fiddle in the command line, or less still access the MySQL database is able as the primary / admin user within their LinuxMCE system to reset a forgotten normal or VPN passwords for others? This is a fairly basic Admin type task, yet I see no feature for it?!